﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Security;
using System.Data.Common;
using System.Text;
using System.Web.Configuration;
using System.Data;

public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    /// <summary>
    /// Handles the Authenticate event of the lgLogin control.
    /// </summary>
    /// <param name="sender">The source of the event.</param>
    /// <param name="e">The <see cref="System.Web.UI.WebControls.AuthenticateEventArgs"/> instance containing the event data.</param>
    protected void lgLogin_Authenticate(object sender, AuthenticateEventArgs e) {
        Database db = new Database();
        using(Database.Command cmd = db.CreateCommand()) {
            db.OpenConnection();
            cmd.CommandText = "SELECT * FROM " + db.TablePrefix + "users WHERE username = @user AND password = @pass";
            cmd.AddParameterWithValue("@user", lgLogin.UserName);
            cmd.AddParameterWithValue("@pass", Utils.SaltPassword(lgLogin.Password));
            DbDataReader reader = cmd.ExecuteReader(CommandBehavior.CloseConnection);
            if(reader.Read()) {
                e.Authenticated = true;
                FormsAuthentication.RedirectFromLoginPage(lgLogin.UserName, true);
            } else {
                e.Authenticated = false;
            }
        }
    }
}
